Koc
Moderator
- Joined
- Jun 28, 2020
- Messages
- 192
- Reaction score
- 5,211
- Points
- 93
A cybercriminal using the alias NightLion reported hacking the internal servers of the American is firm Night Lion Security. The hacker allegedly stole information from the "data leak detection" service DataViper, owned by Night Lion Security. The stolen information includes more than 8,225 databases containing records of billions of users that were leaked as a result of hacking by other companies,ZDNet reported.
Data leak detection services are a common type of service offered by cybersecurity firms. IB companies scan the darknet, hacker forums, data exchange sites, and other places for information about companies whose data ended up on the Network. They collect "hacked databases" in private backends, allowing customers to search for and track new data leaks.
The hacker sent an email to several news outlets with a link to a portal on the darknet. The site has an electronic magazine (e-zine) that details the cyberattack on DataViper's internal servers. According to the attacker, he had access to DataViper servers for three months, filtering databases.
The hacker published on the portal a complete list of 8,225 databases indexed in DataViper, a list of 482 downloadable JSON files containing samples of data from DataViper servers, and proof that he had access to the DataViper backend. A cybercriminal placed an ad on the underground trading platform Empire for the sale of 50 largest databases found in the DataViper backend.
Vinny Troia, the founder of Night Lion Security, confirmed to ZDNet that the hacker got access to one of the DataViper servers, but the server is allegedly only a test instance. The expert believes that the attacker is selling their own databases, not stolen information from the server, since this data has been publicly available for many years or was obtained from other cybercriminals.
According to Troya, the hacker is associated with several cybercrime groups, such as TheDarkOverlord, ShinyHunters and GnosticPlayers. According to the expert, the criminal intended to damage his reputation by his actions before he spoke at the SecureWorld security conference.
Data leak detection services are a common type of service offered by cybersecurity firms. IB companies scan the darknet, hacker forums, data exchange sites, and other places for information about companies whose data ended up on the Network. They collect "hacked databases" in private backends, allowing customers to search for and track new data leaks.
The hacker sent an email to several news outlets with a link to a portal on the darknet. The site has an electronic magazine (e-zine) that details the cyberattack on DataViper's internal servers. According to the attacker, he had access to DataViper servers for three months, filtering databases.
The hacker published on the portal a complete list of 8,225 databases indexed in DataViper, a list of 482 downloadable JSON files containing samples of data from DataViper servers, and proof that he had access to the DataViper backend. A cybercriminal placed an ad on the underground trading platform Empire for the sale of 50 largest databases found in the DataViper backend.
Vinny Troia, the founder of Night Lion Security, confirmed to ZDNet that the hacker got access to one of the DataViper servers, but the server is allegedly only a test instance. The expert believes that the attacker is selling their own databases, not stolen information from the server, since this data has been publicly available for many years or was obtained from other cybercriminals.
According to Troya, the hacker is associated with several cybercrime groups, such as TheDarkOverlord, ShinyHunters and GnosticPlayers. According to the expert, the criminal intended to damage his reputation by his actions before he spoke at the SecureWorld security conference.